
100 matches found

Prion
added 2008/11/10 3:23 p.m., 16 views

Cross site scripting

Microsoft SharePoint uses URLs with the same hostname and port number for a web site's primary files and individual users' uploaded files aka attachments, which allows remote authenticated users to leverage same-origin relationships and conduct cross-site scripting XSS attacks by uploading HTML...

3.5 CVSS, 5.4 AI score, 0.14819 EPSS
Exploits 2, References 5

Cvelist
added 2008/03/10 5:0 p.m., 16 views

CVE-2008-1264

The Linksys WRT54G router has "admin" as its default FTP password, which allows remote attackers to access sensitive files including nvram.cfg, a file that lists all HTML documents, and an ELF executable file...

6.5 AI score, 0.00522 EPSS
Exploits 0, References 3

NVD
added 2007/09/26 10:17 p.m., 13 views

CVE-2007-5095

Microsoft Windows Media Player WMP 9 on Windows XP SP2 invokes Internet Explorer to render HTML documents contained inside some media files, regardless of what default web browser is configured, which might allow remote attackers to exploit vulnerabilities in software that the user does not expec...

7.5 CVSS, 6.6 AI score, 0.32911 EPSS
Exploits 0, References 6

Prion
added 2007/09/26 10:17 p.m., 9 views

Hardcoded credentials

Microsoft Windows Media Player WMP 9 on Windows XP SP2 invokes Internet Explorer to render HTML documents contained inside some media files, regardless of what default web browser is configured, which might allow remote attackers to exploit vulnerabilities in software that the user does not expec...

7.5 CVSS, 7.1 AI score, 0.32911 EPSS
Exploits 0, References 6, Affected Software 1

CERT
added 2007/08/13 12:0 a.m., 31 views

InterActual Player IAMCE ActiveX control stack buffer overflow

Overview The InterActual Player IAMCE ActiveX control contains a stack buffer overflow, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description InterActual Player is a video DVD playing application for Windows systems. InterActual Player wa...

9.3 CVSS, 7.3 AI score, 0.2464 EPSS
Exploits 0, References 2

CERT
added 2007/03/22 12:0 a.m., 30 views

McAfee ePolicy Orchestrator and ProtectionPilot ActiveX control buffer overflow vulnerability

Overview A vulnerability in an ActiveX control provided with the McAfee ePolicy Orchestrator and ProtectionPilot software could allow a remote attacker to execute arbitrary code on an affected system. Description The McAfee ePolicy Orchestrator and ProtectionPilot are applications that are design...

9.3 CVSS, 7.3 AI score, 0.2808 EPSS
Exploits 8, References 11

CVE
added 2007/02/23 1:0 a.m., 57 views

CVE-2007-0320

CVE-2007-0320 involves Macrovision’s InstallFromTheWeb product (ActiveX control in iftw.dll and Netscape plug-in in npiftw32.dll). The connected sources document multiple buffer overflows in these components that could allow an attacker to execute arbitrary code via crafted HTML documents, potent...

9.3 CVSS, 7.7 AI score, 0.09642 EPSS
Exploits 0, References 8, Affected Software 1

Debian CVE
added 2006/10/21 12:0 a.m., 15 views

CVE-2006-5442

Removed by vendor...

6.8 CVSS, 7 AI score, 0.01464 EPSS
Exploits 0

securityvulns
added 2006/01/25 12:0 a.m., 38 views

Kerio WinRoute FireWall multiple DoS conditions

DoS on HTML documents parsing and on oversized Active Directory server reply...

1.5 AI score
Exploits 0, References 2, Affected Software 1

securityvulns
added 2005/04/17 12:0 a.m., 38 views

MacOS multiple browsers unauthorized local files access

By using AppleWebKit XMLHttpRequest it's possible to mount disk image with HTML documents to known location...

2.2 AI score
Exploits 0, References 1, Affected Software 3

exploitpack
added 2004/07/03 12:0 a.m., 12 views

Microsoft Internet Explorer 6 - Shell.Application Object Script Execution

Microsoft Internet Explorer 6 - Shell.Application Object Script Execution source: https://www.securityfocus.com/bid/10652/info Microsoft Internet Explorer is reported prone to a security weakness that may permit malicious HTML documents the ability to execute script code. This script code has the...

7.5 AI score
Exploits 0

Exploit DB
added 2003/11/25 12:0 a.m., 17 views

Microsoft Internet Explorer 6 - Codebase Double Backslash Local Zone File Execution

source: https://www.securityfocus.com/bid/10344/info A vulnerability has been reported that may potentially permit HTML documents to gain unauthorized access to local resources by using specific syntax when referencing said resource as a value for the CODEBASE object property. Under certain...

7 AI score
Exploits 0

Symantec
added 2003/08/23 12:0 a.m., 17 views

Microsoft Internet Explorer ADODB.Stream Object File Installation Weakness

Description Microsoft Internet Explorer is prone to a security weakness that may permit malicious HTML documents to create or overwrite files on a victim file system when interpreted from the Local Zone or other Security Zones with relaxed security restrictions, such as the Intranet Zone. This...

7.3 AI score
Exploits 0, References 6, Affected Software 1

CERT
added 2003/07/24 12:0 a.m., 34 views

Microsoft Windows DirectX MIDI library does not adequately validate Text or Copyright parameters in MIDI files

Overview A Microsoft Windows DirectX library, quartz.dll, does not properly validate certain parameters in Musical Instrument Digital Interface MIDI files. An attacker could exploit this vulnerability to execute arbitrary code or crash any application using the library, causing a denial of servic...

7.5 CVSS, 7.2 AI score, 0.25679 EPSS
Exploits 0, References 3

Cvelist
added 2003/04/02 5:0 a.m., 18 views

CVE-2002-0619

The Mail Merge Tool in Microsoft Word 2002 for Windows, when Microsoft Access is present on a system, allows remote attackers to execute Visual Basic VBA scripts within a mail merge document that is saved in HTML format, aka a "Variant of MS00-071, Word Mail Merge Vulnerability" CVE-2000-0788...

6.6 AI score, 0.19687 EPSS
Exploits 0, References 4

Exploit DB
added 2002/04/20 12:0 a.m., 20 views

Microsoft Internet Explorer 5/6 - Self-Referential Object Denial of Service

source: https://www.securityfocus.com/bid/4564/info Microsoft Internet Explorer is vulnerable to a denial of service due to an error in handling certain self-referential definitions in HTML documents. This occurs when an object of type "text/html" is specified, with the DATA field referencing the...

7 AI score
Exploits 0

securityvulns
added 2002/03/05 12:0 a.m., 27 views

Proxying HTTP requests via Java (unauthorized access)

Any HTML documents can be retrieved and sent through the proxy server...

1.9 AI score
Exploits 0, References 2, Affected Software 5

securityvulns
added 2002/02/26 12:0 a.m., 60 views

Advisory CA-2002-04 Buffer Overflow in Microsoft Internet Explorer

CERT Advisory CA-2002-04 Buffer Overflow in Microsoft Internet Explorer Original release date: February 25, 2002 Last revised: -- Source: CERT/CC A complete revision history can be found at the end of this file. Systems Affected Microsoft Internet Explorer Microsoft Outlook and Outlook Express...

7.5 CVSS, 8 AI score, 0.29184 EPSS
Exploits 0

securityvulns
added 2001/05/30 12:0 a.m., 23 views

Aladdin eSafe Gateway Filter Bypass - Updated Advisory

29 May 2001 This is the first of 3 sequential advisories we are issuing today regarding Aladdin eSafe Gateway. This advisory replaces our advisory from 16 May 2001. Status --------- The entire content of this advisory was reviewed and acknowledged by Aladdin. The vulnerability refers to version...

Exploits 0

securityvulns
added 2001/05/21 12:0 a.m., 36 views

Aladdin eSafe Gateway script filter bypass

Product: eSafe Gateway Vendor: Aladdin Knowledge Systems www.ealaddin.com Version: 3.0 was tested and found vulnerable, earlier versions might be vulnerable as well. Status: Vendor was informed. Background -------------------- eSafe Gateway 3.0 is an Internet Content Security product. You can...

6.9 AI score
Exploits 0